Network World
Thursday, July 24, 2008

Internal threats


E-mail Ellen Messmer



Mazu Networks has published its annual "Internal Threat Report" based on a survey of IT professionals asked to describe the use of their networks and where attacks upon them were apparent last year.

The report is available at the company's Web site by registration.

The survey, in which research firm Enterprise Strategy Group last December asked 218 IT professionals to answer 34 questions about security, shows that 84% of respondents said their organizations provide network access to non-employees as part of business use.

Some of the main problems uncovered were active user accounts for ex-employees and others and rogue wireless access points.

Half of the respondents reported that their internal networks had been compromised by at least one worm in the last 12 months, despite the fact that 2005 was fairly quiet in terms of new worms in comparison to the previous two years.

Seventeen percent said their organizations had suffered a targeted attack from an internal source, and 23% said there had been an "internal security breach" caused by a credentialed employee or contractor. One in five named "intellectual property theft" as the cause.

When it comes to worm-based attacks, 56% said it took up to three hours to detect a worm invasion, while another 25% said it took 3 to 6 hours.

Twenty-eight percent said it took 3 to 6 hours to clean up and remediate the impact of the attack, 14% said 6 to 12 hours, 26% claimed more than 24 hours, 12% said it took 12 to 24 hours, and 14% took 6 to 12 hours (3% "did not know").

In terms of what corporate division is responsible for detecting and responding to attacks, 47% named the "network operations group," 51% said the "security group", 2% were "other" and 1% was "didn't know."

Technologies or services in use to identify attacks and recover from them, ranked from most-used to least-used, include: intrusion-detection systems; a spike noticed in network traffic; IT groups sharing information; an increase in helpdesk calls; security alerts from a security event management product; network management alerts; detection of system crashes; internal firewall use; log-file reviews; and external security intelligence.

When asked which government regulations are most important, 70% of respondents put "Sarbanes-Oxley" at the top of the list, followed by the federal healthcare regulations HIPAA and California's Database Breach Act of 2004.
